Reverts to changeset 435, and just add {% csrf_token %} to template forgot_pw.html, since CSRF protection seems to be only here (surely because of django.contrib.auth.views).
from django.contrib import admin
from cm.models import *
admin.site.register(Text)
admin.site.register(Role)
admin.site.register(UserProfile)
admin.site.register(UserRole)
admin.site.register(TextVersion)
admin.site.register(Email)
admin.site.register(Activity)
admin.site.register(Notification)